Firewalls Don't Stop Dragons Podcast

Dive into the vibrant history of Phrack, a pioneering zine that emerged from the early BBS culture. Explore the quirky world of phone phreaking, blue boxes, and the economics of accessing remote networks. Discover the ethos behind hacking as an art form and the significance of the Hacker Manifesto. Delve into the legacy of influential articles like 'Smashing the Stack' and ponder the evolution of hacker culture amid today's AI advancements. This journey captures the spirit of innovation and rebellion in the digital age.

As the holiday season approaches, scammers ramp up their activities. The discussion covers alarming current scams, including the ClickFix malware trick and a clever Apple Support phishing scheme. Learn how to protect yourself from clipboard attacks and the importance of using hardware security keys. The podcast also touches on recent cybersecurity news, like the FCC scrapping essential rules and the end of a flight records program. Plus, there are festive gift suggestions, focusing on privacy-conscious options and tools to safeguard your network.

Join smart-home expert Stacey Higginbotham, cybersecurity manager Yael Grauer, and security consultant Jeff Landale as they dive into holiday tech gifting. They share strategies for choosing gifts that prioritize privacy and ease of setup. Expect tales of tech gift disasters and a candid discussion on invasive AI ads and problematic devices to avoid. The trio also highlights alternative non-tech gifts and offers tips for ensuring a smooth gifting experience. Tune in for insights that will help you navigate the tricky landscape of tech presents!

Dive into the murky waters of online privacy! Learn how data brokers collect your personal information and discover an easy way to remove it. Meta's new policy allows ads based on your AI chats, while Google's shopping tool raises eyebrows about AI handling purchases. Explore OpenTable's controversial guest profiling and the revelation of the first AI-driven espionage campaign. With lawmakers pushing VPN bans and new health privacy regulations on the table, the landscape of your digital safety is evolving fast.

In a powerful discussion, Grace Menna, a public interest cybersecurity fellow, joins legal expert Michael Razeeq, emergency management coordinator Eric Franco, and COO Adrien Ogee. They explore the urgent need for cybersecurity volunteers to support under-resourced organizations facing increasing cyber threats. Topics include the formation of the Cyber Resilience Corps, the challenges of trust and confidentiality in volunteer efforts, and strategies for sustainable funding. The team emphasizes the importance of empowering communities to be self-sufficient and advocates for legal reforms to improve cybersecurity practices.

Today we’ll wrap up my series of tips for enumerating all your old online accounts and deciding whether to delete them or just dumb down the personal data they have on you. There are several things to consider – we’ll go through them all! In other news: a study ranks the most private AI chatbots; LinkedIn is set to use your personal data to train their AI; ChatGPT has released an AI browser; new phishing scam for password manager creds; Gmail did not leak 183M passwords; man discovers his robot vacuum sharing lots of personal data; more info on Cellebrite’s mobile hacking abilities; Flock expanded its surveillance with Ring and drones; and group finds that half of our satellite communications are not encrypted. Article Links Which Generative AI Is Most Privacy-Respecting? https://www.obscureiq.com/which-generative-ai-is-most-privacy-respecting/ LinkedIn will use your data to train AI – how to opt out https://proton.me/blog/linkedin-ai-training Chatgpt Atlas Browser https://www.washingtonpost.com/technology/2025/10/22/chatgpt-atlas-browser/ Phishing scam uses fake death notices to trick LastPass users https://www.malwarebytes.com/blog/news/2025/10/phishing-scam-uses-fake-death-notices-to-trick-lastpass-users No, Gmail has not suffered a massive 183 million passwords breach https://www.techradar.com/pro/security/no-gmail-has-not-suffered-a-massive-183-million-passwords-breach-but-you-should-still-look-after-your-data Man Alarmed to Discover His Smart Vacuum Was Broadcasting a Secret Map of His House https://futurism.com/robots-and-machines/robot-vacuum-broadcasting Someone Snuck Into a Cellebrite Microsoft Teams Call and Leaked Phone Unlocking Details https://www.404media.co/someone-snuck-into-a-cellebrite-microsoft-teams-call-and-leaked-phone-unlocking-details/ Ring cameras are about to get increasingly chummy with law enforcement https://arstechnica.com/gadgets/2025/10/ring-cameras-are-about-to-get-increasingly-chummy-with-law-enforcement/ Exclusive: Flock Safety paid over $300 million for 17-month-old drone startup Aerodome https://techcrunch.com/2024/10/23/flock-safety-paid-over-300-million-for-17-month-old-drone-startup-aerodome/ Leak From the Sky: It Turns Out a Lot of Satellite Data Is Unencrypted” https://www.pcmag.com/news/leak-from-the-sky-it-turns-out-a-lot-of-satellite-data-is-unencrypted Tip of the Week: https://firewallsdontstopdragons.com/removing-old-accounts/  Further Info Data Diet series: https://firewallsdontstopdragons.com/data-diet-introduction/  Backing up 2FA seed codes: https://firewallsdontstopdragons.com/how-to-backup-2fa-seed-codes/  Using email aliases: https://firewallsdontstopdragons.com/how-to-use-email-aliases-part-1/  Claudito: https://github.com/micahflee/claudito  LM Studio: https://lmstudio.ai/  Dark Wire book: https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691/  My book: https://fdsd.me/book  My newsletter: https://fdsd.me/newsletter  Support our mission! https://fdsd.me/support  Give the gift of privacy and security: https://fdsd.me/coupons  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Table of Contents 0:00:07: Intro 0:00:27: News briefs 0:01:49: News preview 0:03:53: Which AI Is Most Privacy-Respecting? 0:09:21: LinkedIn will use your data to train AI 0:14:23: ChatGPT’s new Altas browser 0:21:46: Phishing scam uses fake death notices 0:25:32: Gmail has NOT suffered a massive password breach 0:27:57: Man finds smart vacuum sending maps of home 0:33:41: More Cellebrite capability details leak 0:38:28: Flock inks deal with Ring cameras 0:42:57: Flock Safety buys drone company 0:46:52: Half of satellite comms are unencrypted 0:51:26: Tip of the Week 1:00:01: Patron podcast preview 1:00:18: Looking ahead 1:01:39: New patron promotion coming?

In this engaging discussion, Eamonn Maguire, Director of Engineering for AI at Proton, dives into the urgent privacy concerns surrounding AI chatbots. He highlights the risks of data harvesting and the implications of training AI on personal information. Eamonn explains Proton's innovative Lumo model, designed to prioritize privacy with zero access encryption and a no-logs policy. He also shares the importance of transparency, the potential of open-source technology, and how local-only options can enhance user security in a rapidly evolving digital landscape.

This discussion tackles the importance of securing old online accounts and downloading personal data before deciding to delete or suspend them. It also highlights alarming news like the end of Windows 10 support and seniors being targeted by malware on Facebook. Privacy concerns rise with the risks of Tile trackers being exploited, a massive Salesforce data leak, and a major Discord breach exposing sensitive user information. Plus, new age-verification laws in Texas and California spark privacy debates.

Jake Braun, co-founder of DEF CON Franklin and former acting principal deputy national cyber director, discusses the vulnerabilities in our critical infrastructure, particularly water utilities. He explains how the pandemic increased cyber threats, necessitating volunteer efforts to bolster security. Braun emphasizes the need for civic engagement and shares insights from pilot programs aimed at helping utilities enhance their defenses. He also highlights the challenges small utilities face and encourages listeners to get involved and support these crucial initiatives.

In this engaging conversation, Paul Roberts, a cybersecurity journalist and founder of the Secure Resilient Future Foundation, discusses the pressing issue of insecure IoT devices. He highlights the dangers of abandoned devices as tech time bombs that can lead to botnets and national security risks. Paul advocates for the right to repair, explaining how it can enhance security and longevity. He also emphasizes the need for transparency in device support lifecycles and the responsibilities of ISPs in maintaining hardware, offering practical solutions for listeners to get involved.